Juniper Networks 5200, 208, 204, 500 Compatibility Issues in ScreenOS, General Compatibility Issues

Page 30

Juniper Networks

NetScreen Release Notes

 

 

SSH Version 1 Interoperability – The embedded SSH server in ScreenOS 5.0.0 has issues with the client from SSH Communications Security when operating in SSH version 1 mode.

W/A: Use SSH version 2 or a different SSH version 1 client, such as

OpenSSH.

Primary & Backup Interfaces – (Juniper NetScreen-5XT) The primary and backup interfaces bound to the Untrust security zone cannot both use DHCP for address assignment at the same time. You can use DHCP for one interface and PPPoE for the other. Or you can use PPPoE for both interfaces.

Loading License Keys – The Juniper NetScreen-5XP device does not properly load license keys via the WebUI. However, you can load license keys via the CLI using the exec license-keycommand.

Aggressive Aging – The Aggressive Aging feature is not supported on the Juniper NetScreen-5000 Series devices.

SSHv2 Implementations – The SSHv2 feature specification requires support for two implementations: OpenSSH and Secure CRT.

Upgrade Limitations – When upgrading a device to ScreenOS 5.0.0UPGR in Transparent mode, the device experiences the following problems:

The device fails during upgrading from ScreenOS 4.0.1 to ScreenOS 5.0.0 in a VPN scenario.

In clear text situations (where traffic is not encrypted to pass through a VPN tunnel), after the upgrade to ScreenOS 5.0.0UPGR, the user had to run the clear arp and clear mac-lcommands to enable the device to work because some ARP entries learn on the wrong port.

Updated Message ID Numbers – The NetScreen Message Log Reference Guide (Part Number 093-0917-000 Rev. D) now contains an updated message ID number for Deep Inspection attack messages. The message, formerly associated with ID number 00001, now maps to ID number 00601. Although the ID number has already been changed in the guide, the ID number will not change in the code until the next revision of ScreenOS 5.0.0.

5.2Compatibility Issues in ScreenOS 5.0.0

Below are the known compatibility issues at the time of this release. Whenever possible, a workaround (starting with “W/A:”) has been provided for your convenience.

• General Compatibility Issues

ScreenOS 5.0.0r9-FIPS

P/N 093-1638-000, Rev. A

Page 30 of 42

Page 29 Page 31
Image 30
Page 29 Page 31
Contents Contents Version Summary New Features and Enhancements from ScreenOS 5.0.0r8 New Features and EnhancementsNew Features and Enhancements in ScreenOS 5.0.0r9-FIPS Set av http skipmime Unset av http skipmimeNew Features and Enhancements from ScreenOS 5.0.0r6 New Features and Enhancements from ScreenOS 5.0.0r1Addressed Issues in ScreenOS 5.0.0r9-FIPS Changes to Default BehaviorAddressed Issues in ScreenOS Get log system savedJuniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes VIP cannot be contacted VIP is now alive Addressed Issues from ScreenOS 5.0.0r8 Juniper Networks NetScreen Release Notes Get traffic log include Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Dhcp IP Pool not in the same subnet with gateway/interface Juniper Networks NetScreen Release Notes Addressed Issues from ScreenOS 5.0.0r7 Addressed Issues from ScreenOS 5.0.0r6Juniper Networks NetScreen Release Notes Addressed Issues from ScreenOS 5.0.0r5 Addressed Issues from ScreenOS 5.0.0r4Set interface tunnel.2 nhtb 10.1.2.5 vpn Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Addressed Issues from Previous Releases Juniper Networks NetScreen Release Notes Known Issues Limitations of Features in ScreenOSCompatibility Issues in ScreenOS General Compatibility IssuesUpgrade Paths from Previous Releases Known Issues in ScreenOS Known Issues in ScreenOS 5.0.0r9-FIPSKnown Issues from ScreenOS 5.0.0r8 Known Issues from ScreenOS 5.0.0r5 Known Issues from ScreenOS 5.0.0r7Known Issues from ScreenOS 5.0.0r6 Known Issues from ScreenOS 5.0.0r4Known Issues from ScreenOS 5.0.0r3 for the 5000-M2 Known Issues from ScreenOS 5.0.0r3 Known Issues from ScreenOS 5.0.0r2Known Issues from ScreenOS 5.0.0r1 Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Known Issues from Previous Releases Getting Help
Top Page Image Contents